Add users to databases in Availability Groups

Hello,
I created a database.
On instance level I selected Security | Logins and added some users.
I granted the users a number of roles on the database I created.
I added the database to an Availability group. Now two replicas of the database are on two servers.
When I look on the server that is running the secondary replica the users have not been added to the users on instance level. Is that going to work fine after a failover?
Should I add the users to the Instance(s) of other cluster members before I restore the database? That would make sense.
I cannot find any documents that tell me about creating users in databases that have been added to an availability group.
Best regards,
Erik

Thanks for you answer.
I used sp_help_revlogin to script out the logins the applications and users need to connect to the database, including their SIDs, and executed it on the secondary replicas servers
so that it is available.
I have done that before I restored the database on the secondary replica servers.
I guess I have to run sp_help_revlogin every time I add a user on the primary server.
Best regards,
Erik
If it is a windows login, it will have the same SID across the domain so no need to run sp_help_rev_login, you can directly create the login in the secondary and the mapping is taken care itself with the database user. If you are creating SQL Logins
you need to script it out using sp_help_rev_login for the secondary server.
If you are willing to automate this activity, Please explore " ssis package to transfer logins" and try to customize it to your need and schedule it as a job.
http://technet.microsoft.com/en-us/library/ms137870.aspx
Thanks

Similar Messages

  • Cannot add users to mapped third party group

    when i try to add a user to a group i get the following message
    "cannot add users to mapped third party group"

    If a group was mapped in via AD/LDAP/SAP then the users must be added in the 3rd party (AD/LDAP/SAP) you cannot create members inthe CMC. This is by product design. If you want to add members to groups in the CMC they must be enterprise groups only (groups created in the CMC not mapped in from 3rd parties).
    Regards,
    Tim

  • How to add user to one to many groups in Active directory using powershell

    Hi  All
    I am working on a script to create a user and based on user type i would like to add that user into 2 to 3 groups . At the moment i have 3 groups e.g domain users, Developers, tester, 
    $NewUser = Read-Host "New Username"
    $firstname = Read-Host "First Name"
    $Lastname = Read-Host "Last Name"
    $NewName = "$firstname $lastname"
    $Group = "Dev"
    New-ADUser -SamAccountName $NewUser -Name $NewName -GivenName $firstname -Surname $lastname -displayname $Newname -UserPrincipalName $[email protected] -Path "CN=Users,DC=mydomain,DC=local" -AccountPassword (ConvertTo-SecureString -AsPlainText
    "Password" -Force)  -Enabled $true 
    Add-ADGroupMember -Identity $Group  -Members $NewUser
    I am not sure how to give user(sys admin) this option of choosing 1 or more groups while creating new user

    modified this line Add-ADGroupMember
    -Identity ([string]$h[$group])
    -Members
    $NewUser
    and
    now getting the error message Add-ADGroupMember : Cannot find
    an object with identity: '' under: 'DC=mydomain,DC=local

  • How to add users to group which is present in another AD domain?

    Hi,
    Using JNDI how to add user as a member of group which is present in another AD domain?
    For example: In AD forest test.com their are two domain a.test.com and b.test.com. Group is present in a.test.com and I want to add user present in b.test.com as a member of the group.
    Any pointer around this would be great help.

    See the below link to get an idea on group types.
    http://technet.microsoft.com/en-us/library/cc755692(v=ws.10).aspx
    If the group is a universal group, you can just add members similar to local group even if user and group are in different domains. That is by setting the member attribute of the group.

  • Cannot add users to a mapped third party group

    Hi Experts,
    When i try to add my sap groups(SB1~100@xxxx) to my ad users iam getting error as "cannot add users to a mapped thirdparty group.Pls advice how can i add these groups

    You cannot add a user to a SAP group, create an enterprise user group and add both SAP group and AD user to that.

  • Am I trying to add users to a group correctly?!

    Experts (Dave?!):
    As posted yesterday, I'm finally able to log in to the RHS Admin Console.
    I've been testing the Users areas. I'm having trouble adding users to a group other than the RobAdmin. Please let me know what/if I'm doing wrong. My procedure:
    1) Access the Users panel:
    2) Click the upper Add to add new group writers:
    3) Click OK. The writers group appears in the Group pulldown:
    4) Type in new user Kurt:
    5) Click Add. Note how the selected group snaps back to RobAdmin!
    6) Click Yes to confirm the user addition:
    7) Observe how Kurt is now added to the RoboAdmin group. (D'oh!).
    8) Observer how Kurt is NOT added to the writers group. (D'oh d'oh!)
    Is the above the expected behavior? If so, how does one add users to a non-RobAdmin group?!?!?
    Thanks in advance!.
    -Kurt

    Kurt, I hope the robo team is reading this, because I think this problem has been going on for a long while. What happens for us is, you can create the group, then add the user, then the group disappears from the drop-down upon refresh. I remember John Daigle looked at it a while back and was puzzled. It's the only part of server that isn't working right for us now, but it's a real pain--I can't create groups or add users.
    David
    HTML11/Server 9

  • Always On Availability Groups

    Hello everyone!
    I am currently planning to implement SQL Always On Availability Groups.
    Mainly i have one sql server so apparently i need to setup a new sql server.
    In the wizard there is a page where I need to select Initial data synchronization full or join.
    What’s the difference?? Is choosing the full option requires me to provide a Third  server to temporarily store my database so my 2 main SQL server can sync for the first time? And if yes can I remove this shared location (Third server) after the database
    are synced??
    Thank You.

    Join option only if the new
    secondary databases already exist on each server instance that hosts a secondary replica for the availability group. That is you have manually restore a recent database backup of the primary database using RESTORE WITH NORECOVERY, and then restore each
    subsequent log backup using RESTORE WITH NORECOVERY.
    Full option
    creates a full and log backup of the primary database, create the corresponding secondary databases by restoring these backups on every server instance that is hosting a secondary replica, and join each secondary database to availability group.
    When you use full you have to
    specify a network share folder in order for the wizard to create backups and secondary replica will access backups to perform restores from this stage. Yes you can remove the share once the all databases are in sync.

  • Automatically add a Database to an Availability Group

    Dears, I need to know if there any way to configure SQL always on to automatically add new Databases to an Availability Group.
    Ayman Saleh

    Hi can any one update the TSQL script here:
    Requirements:
    Every time the newly created or added databases should be full backed up once in the shared location with
    automated script.
    Newly created database should be added into always on group and should be added to available replica automatically
    with the TSQL script

  • ADCS add user to group

    Hi Experts,
    OIM is giving response as "Group does not exist in target system" for add user to group task. But this group is available in AD. Can any one help me to solve it.
    Process which we followed is
    defining Group DN using custom adapter (prepared group DN based on user's region -> Group DN: cn=G1,ou=EEE-BASE,ou=Groups)
    We have lookup defination "AD Grouplookup recon" with all group values from AD
    when we provisiong user, we are getting the abvoe mentioned response for the task "add user to group"
    Please suggest me.
    regards,
    Ravi G.

    Kevin,
    implementation logic:
    we have added the defined groupDN value to child form using the method "formIntf.addProcessFormChildData(childKey, processInstanceKey, attrChildData);" in one java method and we are setting the groupDN field value before calling "ADCSADDUSERTOGROUP".
    Our log detials are as follows where ITS IS NOT WORKIG in one environment (ENV 1)
    INFO [XELLERATE.DATABASE] DB read: select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
    DEBUG [XELLERATE.DATABASE] select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
    DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
    DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
    DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
    DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilAttributeNameMap : getUDFChildRecordIntegrationAttributes:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : getChildTableData:: FINISHED
    INFO [STDOUT] Running Add User To Group
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : Critical Extensions Supported
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : getObjectByObjectGUID:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : search:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : validateCertificates:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : Critical Extensions Supported
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : invalidateSSLSession:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : search:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
    DEBUG [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: FINISHED
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal entered.
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString entered.
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: class - Value: java.lang.String
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: poRetVal.toString() - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: Returning:sRetVal - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString left.
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal - Data: Setting Adapter Return Value to AD.USER_OR_GROUP_DOES_NOT_EXIST - Value:
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal left.
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter entered.
    DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    DEBUG [XELLERATE.SERVER] Class/Method: tcDataBase/readPartialStatement entered.
    INFO [XELLERATE.DATABASE] DB read: select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 81 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 31
    DEBUG [XELLERATE.DATABASE] select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 81 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 31
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter - Data: Mapped to Response Code - Value:
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem entered.
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: event - Value: adpADCSADDUSERTOGROUP
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: New Status - Value:
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: SchData - Value: AD.USER_OR_GROUP_DOES_NOT_EXIST
    DEBUG [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: Reason - Value:
    DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    DEBUG [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    please see the log details are as follows where ITS WORKING (some other environment (ENV 2)pointing to different AD)
    INFO (JMS SessionPool Worker-0) [XELLERATE.DATABASE] DB read: select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.DATABASE] select * from lku where upper(lku_field) in ('LKV_KEY', 'LKU_KEY', 'LKV_ENCODED', 'LKV_DECODED', 'LKV_LANGUAGE', 'LKV_COUNTRY', 'LKV_VARIANT', 'LKV_DISABLED', 'LKU_TYPE_STRING_KEY') and lku_type='f'
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/eventPreInsert entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/tcDataBase left.
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilAttributeNameMap : getIntegrationAttributes:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcADPClassLoader/findClass entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcADPClassLoader:findClass - Data: loading class - Value: com.thortech.xl.schedule.tasks.ADITRes
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : removeDomainFromName:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : removeDomainFromName:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
    INFO (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : SSL option is not selected in ITResource
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getAttributeValues:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : getPath:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForDirContext:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : hashTableEnvForLDAPContext:: FINISHED
    INFO (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD : SSL option is not selected in ITResource
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : connectToAvailableAD:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes : Attributes modified: CN=ATL-BASE-AD-LOGON,OU=Groups,OU=ATL
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : modifyAttributes:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: STARTED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcADUtilLDAPController : disconnect:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [OIMCP.ADCS] com.thortech.xl.integration.ActiveDirectory.tcUtilADTasks : addUserToGroup:: FINISHED
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: class - Value: java.lang.String
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: poRetVal.toString() - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString - Data: Returning:sRetVal - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/getRetValString left.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal - Data: Setting Adapter Return Value to AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL - Value:
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/setAdpRetVal left.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcDataBase/readPartialStatement entered.
    INFO (JMS SessionPool Worker-0) [XELLERATE.DATABASE] DB read: select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 119 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 36
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.DATABASE] select mav.spd_key,mav.mav_map_child_table_name, mav.mav_map_to, mav.mav_map_qualifier, mav.mav_map_value, mav.mav_field_length from mav mav, mil mil, adv adv where mav.mil_key = mil.mil_key and mil.mil_key = 119 and mav.adv_key = adv.adv_key and adv.adv_name = 'Adapter return value' and adv.adp_key = 36
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/finalizeProcessAdapter - Data: Mapped to Response Code - Value:
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: event - Value: adpADCSADDUSERTOGROUP
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: New Status - Value:
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: SchData - Value: AD.ADD_USER_TO_GROUP_OPERATION_SUCCESSFUL
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.ADAPTERS] Class/Method: tcAdpEvent/updateSchItem - Data: Reason - Value:
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    DEBUG (JMS SessionPool Worker-0) [XELLERATE.SERVER] Class/Method: tcBusinessObj/getString entered.
    Is groupDN value comming as "space" in my environment ENV 1?
    or
    Is it not calling "tcADPClassLoader:findClass - Data: loading class - Value: com.thortech.xl.schedule.tasks.ADITRes" to removeDomain from Name.
    Please suggest me.

  • Database Availability Group Missing on 2 Exchange Servers

    I have a an existing Exchange 2007 setup and installed 2 Exchange 2013 servers that have the Mailbox and CAS role.  When I go to the ECP menu and click on databases there is no option available to create the DAG.

    I Don't think that the Exchange 2013 installation is successful. If it successful then it might have been a problem with RBAC Roles which were not delegated properly to the account you are using to logon to ECP.
    Try below and check if you are able to create DAG.
    1. Create a New User and make it a member of Organization Management, Enterprise admins, Domain Admins, Schema Admins,
    Built-in Administrators, Group policy Creator Owners and run the command below on the powershell: Set-User NewUser -RemotePowershellEnabled:$True
    2. Logoff and Login Back using the Newly create account and check if you are able to see the option to Create DAG.
    IF you are not able to then Open Windows Powershell as administrator and run the commands below
    Add-Pssnapin *Setup
    Install-CannedRBACRoleAssignments -InvocationMode Install
    Install-CannedRBACRoles
    Install-CannedRBACRoleAssignmentsRAP
    Install-CannedAddressLists
    Lastly, i would also ask you to get the output of the command below:
    Get-ManagementRoleAssignment -Role "Database Availability Groups" -RoleAssignee OriginalUserWhoDontHaveCreateDagOptiononECP
    M.P.K ~ ( Exchange | 2003/2007/2010/E15(2013)) ~~ Please remember to click “Vote As Helpful" if it really helps and "Mark as Answer” if it answers your question, “Unmark as Answer” if a marked post does not actually answer your question. ~~ This
    Information is provided is "AS IS" and confers NO Rights!!

  • Add User to Group Behavior

    Hi all
    I found
    this post that explains the same issue I'm having, but the marked answer isn't relevant to my environment. I've built a user creation runbook, using 2012 R2 and this
    Active Directory Integration Pack. Everything works properly, except I'm getting strange security log events when using the Add User to Group activity.
    In one of the tests, I added a single user that was being created to about 100 different groups. Let's say one group has 50 members. When the user gets added to that group, the security audit shows that 50 users were removed from the group, and then those
    50 users were added back plus my new user. It shows this activity for every group that the user was added to. I get the following two actions for every member of the group:
    Member '-' was removed from 'Domain\Group' by 'Domain\User' on...
    Member 'DN of Member' was added to 'Domain\Group'...
    This is a problem because it makes our audit reports and notifications worthless since we'd have to read through all the noise to see an actual anomaly. I'm also concerned that if users are actually being removed and re-added to those groups, that there
    could be some consequences of that that we aren't seeing yet (i.e. application access interruptions, or what if the connection to AD is lost after removing the users but before adding them back in). Although I should say I'm not convinced that the users are
    actually being removed because as you can see above, no member information is recorded on the removal, and all the removals and additions have the same exact time stamp meaning they occurred within 1 second, which seems pretty fast given that some of our groups
    are large.
    Is this the intended behavior of the Add User to Group activity? If so, is there a workaround I can use to avoid this behavior? The next thing I'll try is using PowerShell to add the user to the group, but this option isn't ideal since the runbook will be
    managed by users who are not that familiar with scripting, so I'd like the solution to contain as little as possible.
    Thanks

    Hi,
    the issue of the AD IP 7.0 is reported here 
    http://social.technet.microsoft.com/Forums/de-DE/eef9cdda-774f-4b95-bd89-aa3f86feee9b/ad-integration-pack-add-user-to-group-activity-problem?forum=scoscip
    Try the up-to-date Version 7.2
    http://www.sc-orchestrator.eu/index.php/scoblog/115-updated-system-center-2012-r2-orchestrator-integration-packs-available
    Regards,
    Stefan
    www.sc-orchestrator.eu ,
    Blog sc-orchestrator.eu

  • SF-300-08 SNMP setup doesn't show any Groups in Add User pulldown

    I'm setting up a new SF-300-08 with SNMP.\
    I have defined Groups OK.
    But, when I go to Add User, the Group pulldown is grayed out and I can't add a user.                 

    What version snmp are you using? Groups for users is only available in snmp v3.
    Sent from Cisco Technical Support iPad App

  • Maintenance plan for SQL Server 2012 Database in AlwaysOn Availability Group

    Hi all,
    I need assistance creating a maintenance plan that will backup a databases logs in order to prevent them from filling up the drive they are located on. I have looked at some blogs but they do not specifically show how this is done.
    My database is in an AlwaysOn Availability Group.
    Thank you very much for your help!
    Jake

    Hi all,
    I need assistance creating a maintenance plan that will backup a databases logs in order to prevent them from filling up the drive they are located on. I have looked at some blogs but they do not specifically show how this is done.
    My database is in an AlwaysOn Availability Group.
    Regular maintenance plan would work. Only thing to remember is that when you create log backup plan, there is a checkbox which says whether it should honor backup preference or not.
    Balmukund Lakhani
    Please mark solved if I've answered your question, vote for it as helpful to help other users find a solution quicker
    This posting is provided "AS IS" with no warranties, and confers no rights.
    My Blog |
    Team Blog | @Twitter
    | Facebook
    Author: SQL Server 2012 AlwaysOn -
    Paperback, Kindle

  • Add user to group in Exteranl Authentication mode

    I have configured my Login Server to authenticate against a database instance. Now I want to prepopulate certain Portal users and add them to appropriate groups.
    From SQL+ as PORTAL30 I ran the follwing:
    declare
    v_userid number;
    v_group number;
    begin
    v_userid := wwsec_api.id('TESTUSER');
    v_group := wwsec_api.group_id('TESTGROUP');
    wwsec_api.add_user_to_list(v_userid,v_group,wwsec_api.NOT_OWNER);
    end;
    The procedure runs successfully. When I login to Portal (as PORTAL30) and check the members of the TESTGROUP, I don't see TESTUSER. Do I need to restart the server? Or do some other refresh activity?
    When I try running the same procedure again I get
    ORA-00001: unique constraint (PORTAL30.WWSEC_MEBR_UK) violated
    which would indicate that the user was added to the group.

    In case anyone looked, I was missing the commit.
    Thanks anyway.

  • Move database while in AlwaysOn availability group

    Hee Guys I have a question and I try to find answer on the internet but I could find it. I have a database that is in a Availability group. There is constantly data written in the database. I really want to move it to a new disk. I am working with a SQL
    2012 enterprise edition. Is there a way to move the database on both servers without losing data? 
    I was thinking of de-attaching and attaching it but that is not allowed while in the availability group. When I take it out of the group and move it to the new disk on the secondary server, then I cannot put it back in an availability group because the path
    is not the same. Can somebody tell me how to do this in the right way.
    Any help is appreciated!

    I did some testing. What I am missing in the script is to kill transactions and processes. On one database I got the following exception:
    --MOVE FILES
    xp_cmdshell 'move "F:\Database\DBName1*.*" M:\Database\' -- Change values
    go
    F:\Database\DBName1.ldf
    The process cannot access the file because it is being used by another process.
            0 file(s) moved.
    NULL
    On the another database I got something the same: 
    GO
    ALTER DATABASE [DBName2] SET ONLINE -- Change values
    GO
    File activation failure. The physical file name "E:\Database\DBName2.ldf" may be incorrect.
    The log cannot be rebuilt because there were open transactions/users when the database was shutdown, no checkpoint occurred to the database, or the database was read-only. This error could occur if the transaction log file was manually deleted or lost due to
    a hardware or environment failure.
    Msg 5181, Level 16, State 5, Line 2
    Could not restart database "DBName2". Reverting to the previous status.
    Msg 5069, Level 16, State 1, Line 2
    ALTER DATABASE statement failed.
    What is the best way to go around this? I tried to use EXEC sp_who2 and Kill but there are no processes for these database. I also looked in the resource monitor to see if there are files in used but this is also not the case.

Maybe you are looking for